Adoptable Cookbooks List

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

aix

amazon

centos

debian

fedora

freebsd

gentoo

mac_os_x

omnios

openbsd

opensuse

opensuseleap

oracle

redhat

ubuntu

scientific

smartos

solaris

suse

windows

zlinux

The chef_nginx
cookbook has been deprecated

The chef_nginx cookbook has been deprecated and is no longer
being maintained by its authors. Use of the chef_nginx
cookbook is no longer recommended.
You may find that the nginx
cookbook is a suitable alternative.

node['nginx']['init_style'] - How to run nginx as a service when using chef_nginx::source. Values can be "runit", "upstart", or "init". When using runit that recipes will be included as well. This attribute is not used in the package recipe because the package manager's init script style for the platform is assumed.

node['nginx']['upstart']['foreground'] - Set this to true if you want upstart to run nginx in the foreground, set to false if you want upstart to detach and track the process via pid.

node['nginx']['upstart']['runlevels'] - String of runlevels in the format '2345' which determines which runlevels nginx will start at when entering and stop at when leaving.

node['nginx']['upstart']['respawn_limit'] - Respawn limit in upstart stanza format, count followed by space followed by interval in seconds.

node['nginx']['keepalive'] - Whether to use keepalive_timeout, any value besides "on" will leave that option out of the config.

node['nginx']['keepalive_requests'] - used for config value of keepalive_requests.

node['nginx']['keepalive_timeout'] - used for config value of keepalive_timeout.

node['nginx']['worker_processes'] - used for config value of worker_processes.

node['nginx']['worker_rlimit_nofile'] - used for config value of worker_rlimit_nofile. Can replace any "ulimit -n" command. The value depend on your usage (cache or not) but must always be superior than worker_connections.

node['nginx']['multi_accept'] - used for config value of events { multi_accept }. Try to accept() as many connections as possible. Disable by default.

node['nginx']['event'] - used for config value of events { use }. Set the event-model. By default nginx looks for the most suitable method for your OS.

node['nginx']['accept_mutex_delay'] - used for config value of accept_mutex_delay

node['nginx']['server_tokens'] - used for config value of server_tokens.

node['nginx']['server_names_hash_bucket_size'] - used for config value of server_names_hash_bucket_size.

node['nginx']['disable_access_log'] - set to true to disable the general access log, may be useful on high traffic sites.

node['nginx']['access_log_options'] - Set to a string of additional options to be appended to the access log directive

node['nginx']['error_log_options'] - Set to a string of additional options to be appended to the error log directive

node['nginx']['default_site_enabled'] - enable the default site

node['nginx']['sendfile'] - Whether to use sendfile. Defaults to "on".

node['nginx']['tcp_nopush'] - Whether to use tcp_nopush. Defaults to "on".

node['nginx']['tcp_nodelay'] - Whether to use tcp_nodelay. Defaults to "on".

node['nginx']['install_method'] - Whether nginx is installed from packages or from source.

node['nginx']['types_hash_max_size'] - Used for the types_hash_max_size configuration directive.

node['nginx']['types_hash_bucket_size'] - Used for the types_hash_bucket_size configuration directive.

node['nginx']['proxy_read_timeout'] - defines a timeout (between two successive read operations) for reading a response from the proxied server.

node['nginx']['client_body_buffer_size'] - used for config value of client_body_buffer_size.

node['nginx']['client_max_body_size'] - specifies the maximum accepted body size of a client request, as indicated by the request header Content-Length.

node['nginx']['repo_source'] - when installed from a package this attribute affects which yum repositories, if any, will be added before installing the nginx package. The default value of 'epel' will use the yum-epel cookbook, 'nginx' will use the chef_nginx::repo recipe, 'passenger' will use the 'chef_nginx::repo_passenger' recipe, and setting no value will not add any additional repositories.

node['nginx']['sts_max_age'] - Enable Strict Transport Security for all apps (See: http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security). This attribute adds the following header: Strict-Transport-Security max-age=SECONDS to all incoming requests and takes an integer (in seconds) as its argument.

node['nginx']['default']['modules'] - Array specifying which modules to enable via the conf-enabled config include function. Currently the only valid value is "socketproxy".

authorized_ips module

node['nginx']['remote_ip_var'] - The remote ip variable name to use.

node['nginx']['authorized_ips'] - IPs authorized by the module

gzip module

node['nginx']['gzip'] - Whether to use gzip, can be "on" or "off"

node['nginx']['gzip_http_version'] - used for config value of gzip_http_version.

node['nginx']['gzip_comp_level'] - used for config value of gzip_comp_level.

node['nginx']['gzip_proxied'] - used for config value of gzip_proxied.

node['nginx']['gzip_vary'] - used for config value of gzip_vary.

node['nginx']['gzip_buffers'] - used for config value of gzip_buffers.

node['nginx']['gzip_types'] - used for config value of gzip_types - must be an Array.

node['nginx']['gzip_min_length'] - used for config value of gzip_min_length.

node['nginx']['gzip_disable'] - used for config value of gzip_disable.

node['nginx']['gzip_static'] - used for config value of gzip_static (http_gzip_static_module must be enabled)

Other configurations

node['nginx']['extra_configs'] - a Hash of key/values to nginx configuration.

chef_nginx::echo

These attributes are used in the chef_nginx::http_echo_module recipe.

node['nginx']['echo']['version'] - The version of http_echo you want (default: 0.59)

node['nginx']['echo']['url'] - URL for the tarball.

node['nginx']['echo']['checksum'] - Checksum of the tarball.

chef_nginx::devel

These attributes are used in the chef_nginx::ngx_devel_module recipe.

node['nginx']['devel']['version'] - The version of the nginx devel module

chef_nginx::geoip

These attributes are used in the chef_nginx::http_geoip_module recipe. Please note that the country_dat_checksum and city_dat_checksum are based on downloads from a datacenter in Fremont, CA, USA. You really should override these with checksums for the geo tarballs from your node location.

Note The upstream, maxmind.com, may block access for repeated downloads of the data files. It is recommended that you download and host the data files, and change the URLs in the attributes.

node['nginx']['geoip']['path'] - Location where to install the geoip libraries.

chef_nginx::http_realip_module

node['nginx']['realip']['header'] - Header to use for the RealIp Module; only accepts "X-Forwarded-For" or "X-Real-IP"

node['nginx']['realip']['addresses'] - Addresses to use for the http_realip configuration.

node['nginx']['realip']['real_ip_recursive'] - If recursive search is enabled, the original client address that matches one of the trusted addresses is replaced by the last non-trusted address sent in the request header field. Can be on "on" or "off" (default).

chef_nginx::passenger

These attributes are used in the chef_nginx::passenger recipe.

node['nginx']['passenger']['version'] - passenger gem version

node['nginx']['passenger']['root'] - passenger gem root path

node['nginx']['passenger']['install_rake'] - set to false if rake already present on system

Resources

nginx_site

Enable or disable a Server Block in #{node['nginx']['dir']}/sites-available by calling nxensite or nxdissite (introduced by this cookbook) to manage the symbolic link in #{node['nginx']['dir']}/sites-enabled.

Actions

enable - Enable the nginx site (default)

disable - Disable the nginx site

Properties:

name - (optional) Name of the site to enable. By default it's assumed that the name of the nginx_site resource is the site name, but this allows overriding that.

template - (optional) Path to the source for the template resource.

variables - (optional) Variables to be used with the template resource

Ohai Plugin

The ohai_plugin recipe includes an Ohai plugin. It will be automatically installed and activated, providing the following attributes via ohai, no matter how nginx is installed (source or package):

node['nginx']['version'] - version of nginx

node['nginx']['configure_arguments'] - options passed to ./configure when nginx was built

node['nginx']['prefix'] - installation prefix

node['nginx']['conf_path'] - configuration file path

In the source recipe, it is used to determine whether control attributes for building nginx have changed.

Usage

This cookbook provides three distinct installation methods, all of which are controlled via attributes and executed using the chef_nginx::default recipe.

Package installation using the nginx.org repositories

Nginx provides repositories for RHEL, Debian/Ubuntu, and Suse platforms with up to date packages available on older distributions. Due to the age of many nginx packages shipping with distros we believe this is the ideal installation method. With no attributes set the nginx.org repositories will be added to your system and nginx will be installed via package. This provides a solid out of the box install for most users.

Package installation using distro repositories

If you prefer to use the packages included in your distro or to roll your own packages you'll want to set node['nginx']['repo_source'] to nil or distro to skip the repository setup. The default recipe will still install nginx from packages, but you'll retain control over the package location.

Source installation to compile non-dynamic modules

If you need control over how nginx is built, or you need non-dynamic modules to be included you'll need to compile nginx from source. We highly recommend against using this method as it requires the installation of a full compilation toolchain and development dependencies on your nodes. Creating your own packages with nginx compiled as necessary is a preferred option. If that's not possible you can set node['nginx']['install_method'] to source and provide a version in node['nginx']['version'].

Specifying Modules to compile

The following recipes are used to build module support into nginx. To compile a module, add its recipe name to the array attribute node['nginx']['source']['modules'].

ipv6.rb - enables IPv6 support

headers_more_module -

http_auth_request_module`

http_echo_module.rb - downloads the http_echo_module module and enables it as a module when compiling nginx.

http_geoip_module.rb - installs the GeoIP libraries and data files and enables the module for compilation.

http_gzip_static_module.rb - enables the module for compilation. Be sure to set node['nginx']['gzip_static'] = 'yes'.

http_mp4_module -

http_perl_module.rb - enables embedded Perl for compilation.

http_realip_module.rb - enables the module for compilation and creates the configuration.

upload_progress_module.rb - builds the upload_progress module and enables it as a module when compiling nginx.

Resources

nginx_site

Enable or disable a Server Block in #{node['nginx']['dir']}/sites-available by calling nxensite or nxdissite (introduced by this cookbook) to manage the symbolic link in #{node['nginx']['dir']}/sites-enabled.

Actions

enable - Enable the nginx site (default)

disable - Disable the nginx site

Properties:

name - (optional) Name of the site to enable. By default it's assumed that the name of the nginx_site resource is the site name, but this allows overriding that.

template - (optional) Path to the source for the template resource.

cookbook - (optional) The cookbook that contains the template source.

variables - (optional) Variables to be used with the template resource

Adding New Modules

Previously we'd add each possible module to this cookbook itself. That's not necessary using wrapper cookbooks and we'd prefer to not add any addition module recipes at this time. Instead in your nginx wrapper cookbook setup any necessary packages and then include the follow code to add the module to the list of modules to compile:

Copyright 2008-2016, Chef Software, Inc
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

nginx Cookbook CHANGELOG

This file is used to list changes made in each version of the nginx cookbook.

5.0.6 (2017-01-16)

Rebuild shared library cache after installing luajit

5.0.5 (2017-01-09)

Fix typo in the pagespeed recipe

5.0.4 (2017-01-04)

Avoid deprecation warnings by only defining nginx service once

5.0.3 (2017-01-03)

Add ability to write passenger log to another location

Properly disable the default site with nginx.org packages

5.0.2 (2016-12-22)

Requite the latest compat_resource

5.0.1 (2016-12-13)

Use multipackage in pagespeed module recipe to speed up installs

Simplify the distro repo setup logic to ensure we're using the correct repos under all conditions. Previously the upstream repo was being missed on Suse systems

Determine pidfile location correctly via a helper so we correctly set pidfiles when using Upstream packages on Ubuntu 14.04 / 16.04. This involved removing the attribute for the pidfile location, which may cause issues if you relied on that attribute.

Testing improvements to make sure all suites run and the suites are testing the correct conditions

5.0.0 (2016-12-07)

Breaking changes

Default to the upstream nginx.org repo for package installs. The official nginx repo gives an improved experience over outdated distro releases. This can be disabled via attribute if you'd like to remain on the distro packages.

Other changes

Add a deprecation warning when using runit

Rewrite the readme usage section

Better document how to compile modules

4.0.2 (2016-12-01)

Default to openssl 1.0.2j with source installs

Add cookbook property to the nginx_site resource to allow using templates defined in other cookbooks

Prevent default docroot index.html on bad url in status

Readme improvements

4.0.1 (2016-10-31)

Fix a version check in the realip recipe

Align the config with the default config a bit

Fix the ChefSpec matchers now that nginx_site is a custom resource

4.0.0 (2016-10-31)

Breaking changes

The nginx_site definition is now a custom_resource. This improves the overall experience and allows for notifications and reporting on resource updates. It does change the behavior in some circumstances however. Previously to disable a site you would set 'enable false' on your definition. This will still function, but will result in a deprecation warning. Instead you should use 'action :disable' since this is a real resource now.

Other changes

Avoid splitting on compile params in the ohai plugin, which resulted in some source installs attempting to install on every Chef run.

Expanded testing and improved kitchen suite setup

Improved documentation of attributes and cookbook usage

3.2.0 (2016-10-28)

Reload nginx on site change

3.1.2 (2016-10-24)

[GH-26] Remove guard on package[nginx] resource

Fix pcre packages on RHEL that prevented pagespeed module compilation

3.1.1 (2016-09-21)

Raise on error vs. Chef::Appliation.fatal

Require compat_resource with notification fixes

3.1.0 (2016-09-14)

Resolve FC023 warnings

FreeBSD fixes

Fail hard on unsupported platforms in the source recipe

Install 'ca-certificates' packages with passenger

Add passenger_show_version_in_header config

Remove chef 11 compatibility

Replace apt/yum deps with compat_resource

Fix specs for freebsd source installs

Remove apt recipe from the repo_passenger recipe

Switch to += operator as << also incorrectly replaces text in root.

3.0.0 (2016-08-18)

Breaking changes

Ideally we'd offer perfect backwards compatibility forever, but in order to maintain the cookbook going forward we've evaluated the current scope of the cookbook and removed lesser used functionality that added code complexity.

The minimum chef-client version is now 12.1 or later, which will enables support for Ohai 7+ plugins, the ohai_plugin custom resource, and automatic init system discovery.

Support for Gentoo has been removed. Gentoo lacks an official Chef package and there is no Bento image to use for Test Kitchen integration tests.

Support for the bluepill init system has been removed. Usage of this init system has declined, and supporting it added a cookbook dependency as well as code complexity.

Ubuntu source installs will no longer default to runit, and will instead use either Upstart or Systemd depending on the release of Ubuntu. You can still force the use of runit by setting default['nginx']['init_style'] to 'runit'. Runit was used historically before reliable init systems were shipped with Ubuntu. Both Upstart and Systemd have the concept of restarting on failure, which was the main reason for choosing Runit over sys-v init.

Other changes

Don't setup the YUM EPEL repo on Fedora as it's not needed

Systemd based platforms will now use systemd by default for source installs

Retry downloads of the nginx source file as the mirror sometimes fails to load

Add testing in Travis with Kitchen Dokken for full integration testing of each PR

Add integration test on Chef 12.1 as well as the latest Chef to ensure compatibility with the oldest release we support

Remove installation of apt-transport-https and instead increase the apt dependency to >= 2.9.1 which includes the installation of apt-transport-https

Don't try to setup the nginx.org repo on Fedora as this will fail

Better log when trying to setup repositories on unsupported platforms

Fixed source_url and issue_url in the metadata to point to the correct URLs

Removed Chef 10 compatibility code

Chefspec platform updates and minor fixes

Replace all usage of node.set with node.normal to avoid deprecation notices

Remove the suse init script that isn't used anymore

Speed up the specs with caching

Move test attributes and runlists out the kitchen.yml files and into a test cookbook

2.9.0 (2016-08-12)

Add support for Suse Nginx.org packages

v2.8.0 (2016-08-12)

This is the first release of the nginx codebase under the chef_nginx namespace. We've chosen to bring this cookbook under the direction of the Community Cookbook Team, in order to ship a working 2.X release. The cookbook name has been changed, but all attributes are the same and compatibility has been maintained. After this 2.8.0 release we will release 3.0 as a Chef 12+ version of the cookbook and then work to add additional custom resources for managing nginx with wrapper cookbooks. Expect regular releases as we march towards a resource driven model.

Removed the restrictive version constraints for cookbook dependencies that prevented users from utilizing new functionality. Ohai has been pinned to < 4.0 to allow for Chef 11 compatibility, but other cookbooks have no upper limit

Updated all modules in the source install to their latest releases

Removed the GeoIP database checksums as these files are constantly updates and this causes Chef run failures

v2.7.6 (2015-03-17)

v2.7.5 (2015-03-17)

NOTE As of this release, this cookbook in its current format is deprecated, and only critical bugs and fixes will be added. A complete rewrite is in progress, so we appreciate your patience while we sort things out. The amount of change included here

v2.3.0 (2014-02-25)

v2.2.2 (2014-01-23)

[COOK-3672] - Add gzip_static option

v2.2.0

No changes. Version bump for toolchain

v2.1.0

[COOK-3923] - Enable the list of packages installed by nginx::passenger to be configurable [COOK-3672] - Nginx should support the gzip_static option Updating for yum ~> 3.0 Fixing up style for rubocop Updating test-kitchen harness

v2.0.8

fixing metadata version error. locking to 3.0

v2.0.6

Locking yum dependency to '< 3'

v2.0.4

Bug

COOK-3808 - nginx::passenger run fails because of broken installation of package dependencies

v0.99.2

<!-- - The following link definition list is generated by PimpMyChangelog - -->

Collaborator Number Metric

5.0.6 passed this metric

Foodcritic Metric

5.0.6 failed this metric

FC016: LWRP does not declare a default action: /tmp/f5d8af4ab2719b965e13767c/chef_nginx/resources/site.rb:1Run with Foodcritic Version 8.1.0 with tags metadata,correctness ~FC031 ~FC045 and failure tags any